Modern consumer products, such as smartphones or tablets, currently have a short life span of 1 to 3 years on average. Due to ever shorter product cycles, which affect both hardware and software, products of this kind are more susceptible to errors than previously, for example, due to shorter test phases. In addition, cyber attacks based on viruses or Trojans are becoming increasingly common.
As a result it is now commonplace for corrections to be needed, mainly to software but occasionally also to firmware, a process which is performed by means of correction software, referred to in the following as patches. This is a reliable means of correcting security vulnerabilities and programming errors.
The “patching” of consumer products represents the current state of the art, but in industrial installations, patching is seldom used. The patching of software in industrial installations often relates to critical infrastructure components, and there are already legal requirements in place to maintain such installations up to date from a security point of view, in other words, to equip them with the latest patches. However, these patches cannot always be easily installed, because boundary conditions of the respective industrial plant, such as real-time functionality or the configurations of the industrial plant, must be taken into account.